Lucene search
K

34 matches found

OSV
OSV
added 2026/05/13 12:21 p.m.11 views

CLSA-2026-1778674879 opensc: Fix of CVE-2024-45619

CVE-2024-45619: fix incorrect access of initialized parts of partially filled buffers triggered by crafted APDU responses from USB devices or smart cards...

4.3CVSS6.7AI score0.003EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.27 views

RHEL 9 : squid (RHSA-2026:6301)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:6301 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denia...

9.2CVSS6AI score0.08942EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.11 views

PT-2026-26338

Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 and earlier contained an out-of-bounds read in ALPN handling when built with ALPN enabled HAVE ALPN / --enable-alpn. A crafted ALPN protocol list could trigger an out-of-bounds read, leading to a potential process cras...

7.5CVSS5.8AI score0.00257EPSS
Exploits0References5
Snyk
Snyk
added 2025/12/05 7:41 p.m.7 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the npduisexpectedreply function. An attacker can cause a crash or misroute replies by sending specially crafted PDUs that trigger out-of-bounds reads. Remediation A fix was pushed into the master branch but not y...

8.7CVSS5.7AI score0.00359EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5820

Malicious code in bioql PyPI...

6.8CVSS6.9AI score0.02985EPSS
Exploits0References12
OSV
OSV
added 2025/07/22 4:15 p.m.9 views

CVE-2025-48498

A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1 when processing a number of fields used for coordination. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database...

7.5CVSS5.9AI score0.00555EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.5 views

OpenSC 缓冲区错误漏洞

OpenSC is an open source smart card tool and middleware. A security vulnerability exists in OpenSC smart card middleware prior to version 0.23, which originates from a stack overflow that can be caused by a crafted APDU response...

7.5CVSS6.2AI score0.01144EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2023/04/13 12:0 a.m.7 views

The vulnerability of the software for agentless monitoring of Solarwinds Server & Application Monitor, related to authentication procedures that allow a hacker to bypass the authentication process and access confidential information.

The vulnerability of the Solarwinds Server & Application Monitor software for agentless monitoring involves deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to confidential information through...

7.8CVSS7.2AI score0.00754EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.4 views

SUSE CVE-2018-7226

An issue was discovered in vcSetXCutTextProc in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing sanitization of the client-specified message length may cause integer overflow or possibly have unspecified other impact via a specially crafted VNC...

9.8CVSS7.9AI score0.02323EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.4 views

Softing Secure Integration Server 代码问题漏洞

Softing Secure Integration Server is a secure integration server from Softing Germany. It provides a powerful OPC UA data integration layer and supports interface abstraction, aggregation, data preprocessing and security supervision. A code issue vulnerability exists in Softing Secure Integration...

7.5CVSS7.4AI score0.01297EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.4 views

RealVNC Viewer 输入验证错误漏洞

RealVNC RealVnc Viewer is a remote desktop software from RealVNC UK. It is used for instant remote access to a selected computer. An input validation error vulnerability exists in RealVNC Viewer that stems from RealVNC Viewer version 6.21.406 that allows a remote VNC server to cause a denial of...

6.5CVSS6.6AI score0.00956EPSS
Exploits1References3
Prion
Prion
added 2021/09/13 7:15 p.m.19 views

Code injection

A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were...

4.3CVSS5.6AI score0.00662EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2021/01/15 6:15 p.m.23 views

Design/Logic Flaw

A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent...

6.1CVSS7.3AI score0.00639EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2020/11/24 12:0 a.m.30 views

MongoDB Authorization Issues Vulnerability

MongoDB is a document-oriented database management system from the U.S.-based MongoDB, Inc. An authorization issue vulnerability exists in MongoDB that allows an unauthenticated client to trigger a denial of service by issuing a specially crafted wired protocol message, which could cause the...

7.5CVSS7.1AI score0.01655EPSS
Exploits0References5
CNVD
CNVD
added 2019/09/18 12:0 a.m.3 views

IBM MQ and IBM MQ Appliance Denial of Service Vulnerabilities

IBM MQ IBM WebSphere MQ and IBM MQ Appliance are both products of IBM Corporation, U.S.A. IBM MQ is a messaging middleware product. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA.IBM MQ Appliance is an all-in-one appliance for rapid...

6.5CVSS6.6AI score0.01619EPSS
Exploits0References1
Prion
Prion
added 2018/08/29 8:29 p.m.13 views

Input validation

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames...

7.8CVSS7.3AI score0.02797EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/08/08 12:29 a.m.5 views

ALPINE-CVE-2018-15173

Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...

7.5CVSS6.7AI score0.06081EPSS
Exploits1References1
NVD
NVD
added 2018/07/26 2:29 p.m.30 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

6.8CVSS7.2AI score0.02985EPSS
Exploits0References6
Cvelist
Cvelist
added 2018/07/26 2:0 p.m.33 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

6.8AI score0.02985EPSS
Exploits0References6
OSV
OSV
added 2018/07/09 8:29 p.m.18 views

CVE-2018-1000614

ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity XXE vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder